nagai/kernel
3
0
Fork 0
forked from mirrors/linux
Code Pull requests Activity

btrfs: send: silence an integer overflow warning

Browse source 
The "sizeof(*arg->clone_sources) * arg->clone_sources_count" expression
can overflow.  It causes several static checker warnings.  It's all
under CAP_SYS_ADMIN so it's not that serious but lets silence the
warnings.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
This commit is contained in:
Dan Carpenter 2016-04-13 09:40:59 +03:00 committed by David Sterba
parent 41b34accb2
commit f5ecec3ce2
1 changed files with 6 additions and 0 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

6
fs/btrfs/send.c
View file

@ -5978,6 +5978,12 @@ long btrfs_ioctl_send(struct file *mnt_file, void __user *arg_)
goto out; goto out;
} }
if (arg->clone_sources_count >
ULLONG_MAX / sizeof(*arg->clone_sources)) {
ret = -EINVAL;
goto out;
}
if (!access_ok(VERIFY_READ, arg->clone_sources, if (!access_ok(VERIFY_READ, arg->clone_sources,
sizeof(*arg->clone_sources) * sizeof(*arg->clone_sources) *
arg->clone_sources_count)) { arg->clone_sources_count)) {